#!/usr/bin/env bash

# ----------------------------------------------------------------------
# Filename:   07-acl.sh
# Version:    1.0
# Date:       2025/02/26
# Author:     yaoxiyao
# Email:      yaoxiyao@kylinsec.com.cn
# Function:   acl - 07 AQX-FWKZ-004访问权限修改测试
# Out:
#             0 => TPASS
#             1 => TFAIL
#             2 => TCONF
# ----------------------------------------------------------------------

# Title of this test; the text is a runtime string and is kept verbatim.
Title_Env_LTFLIB='访问控制测试 - AQX-FWKZ-004访问权限修改测试'

# LIB_SSHAUTO is not set in this file, so it has to come from the environment.
# Presumably the LTF library sources this file to get the SshAuto_* helpers.
HeadFile_Source_LTFLIB="${LIB_SSHAUTO}"

# Fixture account used for the negative ACL check.
# NOTE(review): this is a fixed credential committed with the test. It is
# presumably consumed by the framework (AddUserNames_LTFLIB /
# AddUserPasswds_LTFLIB) to create a throwaway local account -- confirm the
# account is removed after the run and the value is never reused elsewhere.
# Single quotes keep the trailing '#$' literal.
testuser1_acl1='ltfacl1'
passwd1_acl1='olleH717.12.#$'
userip_acl1='localhost'
AddUserNames_LTFLIB="${testuser1_acl1}"
AddUserPasswds_LTFLIB="${passwd1_acl1}"

## TODO : 个性化,初始化
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
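TestInit_LTFLIB() {
    # Prepare the fixtures for this test: a scratch directory and file under
    # TmpTestDir_LTFLIB, a check that the 'nobody' account exists, and the
    # key-based SSH login for the fixture user.
    # Globals: reads  TmpTestDir_LTFLIB, ERROR, TPASS, userip_acl1,
    #                 testuser1_acl1, passwd1_acl1
    #          writes testDir_acl01, testFile_acl01, testFile_acl02, testuser
    # Returns: $TPASS (failures are reported through the *RetParse* helpers,
    #          whose exact abort behaviour is defined in the LTF library).

    # With an empty base directory the fixtures would resolve to /diracl01 and
    # /fileacl01, which later get chmod 777 and rm -rf. Report that through
    # the same helper the other setup steps use.
    [ -n "${TmpTestDir_LTFLIB}" ]
    CommRetParse_FailDiy_LTFLIB ${ERROR} "TmpTestDir_LTFLIB 未设置或为空"

    # Scratch directory. Quoted so a base path containing whitespace or glob
    # characters is not split into several arguments.
    testDir_acl01="${TmpTestDir_LTFLIB}/diracl01"
    mkdir -- "${testDir_acl01}"
    CommRetParse_FailDiy_LTFLIB ${ERROR} "创建目录失败${testDir_acl01}"

    # Scratch file. testFile_acl02 is a relative name and is only referenced
    # by the cleanup function in this file.
    testFile_acl01="${TmpTestDir_LTFLIB}/fileacl01"
    testFile_acl02="fileacl02"
    touch -- "${testFile_acl01}"
    CommRetParse_FailDiy_LTFLIB ${ERROR} "创建文件失败${testFile_acl01}"

    # The account must exist as a login name. Anchoring on the first field
    # avoids a false positive from a substring match elsewhere in the line
    # (another user name, a GECOS field, a home directory).
    testuser='nobody'
    grep -q "^${testuser}:" /etc/passwd
    CommRetParse_FailDiy_LTFLIB ${ERROR} "未知的用户名${testuser}"

    # Set up password-less SSH for the fixture user.
    # NOTE(review): the password is handed to the helper as an argument; if
    # the helper forwards it on an external command line it would show up in
    # the process list -- confirm in the SshAuto library.
    SshAuto_OneConfig_LTFLIB "${userip_acl1}" "${testuser1_acl1}" "${passwd1_acl1}"
    TestRetParse_LTFLIB "配置免密登录" "True" "no" "yes"

    # Make that host/user pair the default target for later SshAuto_* calls.
    SshAuto_SetIpUser_LTFLIB "${userip_acl1}" "${testuser1_acl1}"
    TestRetParse_LTFLIB "设置默认IP和用户名" "True" "no" "yes"

    return ${TPASS}
}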

## TODO : 清理函数
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
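TestClean_LTFLIB() {
    # Remove the fixtures created for this test.
    # Globals: reads testDir_acl01, testFile_acl01, testFile_acl02, TPASS
    # Returns: $TPASS, regardless of whether the removals succeeded.
    local target

    Debug_LLE "rm -rf ${testDir_acl01} ${testFile_acl01} ${testFile_acl02}"

    # Each path is removed as one quoted argument: unquoted, a path containing
    # whitespace would be split and rm -rf would delete unrelated names.
    # Empty values are skipped, as an unquoted empty expansion was before.
    # NOTE(review): testFile_acl02 is a relative name, so this deletes
    # "fileacl02" in whatever the current directory is at cleanup time.
    for target in "${testDir_acl01}" "${testFile_acl01}" "${testFile_acl02}"; do
        if [ -n "${target}" ]; then
            rm -rf -- "${target}"
        fi
    done

    return ${TPASS}
}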

## TODO : 测试设置文件和文件夹
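testcase_1() {
    # Owner changes the mode of the scratch file and directory to 777 and the
    # listing must show rwxrwxrwx for both.
    # Globals: reads testFile_acl01, testDir_acl01
    # Each CommRetParse_LTFLIB call follows the command it labels; it
    # presumably evaluates that command's exit status ($?), so nothing may be
    # inserted between a command and its CommRetParse_LTFLIB line.

    # Paths are quoted so whitespace or glob characters in the temp directory
    # cannot redirect chmod 777 onto other files.
    chmod 777 -- "${testFile_acl01}" "${testDir_acl01}"
    CommRetParse_LTFLIB "chmod 777 ${testFile_acl01} ${testDir_acl01}"

    ls -al -- "${testFile_acl01}" | grep "rwxrwxrwx"
    CommRetParse_LTFLIB "ls -al ${testFile_acl01} | grep \"rwxrwxrwx\""

    ls -ald -- "${testDir_acl01}" | grep "rwxrwxrwx"
    CommRetParse_LTFLIB "ls -ald ${testDir_acl01} | grep \"rwxrwxrwx\""
}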

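## TODO : ACL modification test - the owner adds a deny entry for the test user, and the test user must not be able to change the file's ACL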
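testcase_2() {
    # ACL modification test: the owner adds a "---" entry for the fixture
    # user on the scratch file and directory, the fixture user then tries to
    # change the file's ACL, and finally the owner changes the mode to 755.
    # Globals: reads testFile_acl01, testDir_acl01, testuser1_acl1
    # Each *RetParse_LTFLIB call follows the command it labels; it presumably
    # evaluates that command's exit status ($?), so nothing may be inserted
    # between a command and its RetParse line.

    # Dump the starting ACLs into the test log.
    getfacl -p "${testFile_acl01}" "${testDir_acl01}"
    CommRetParse_LTFLIB "getfacl -p ${testFile_acl01} ${testDir_acl01}"

    # Owner denies the fixture user all access. Paths and the ACL spec are
    # quoted so they reach setfacl as exactly one argument each.
    setfacl -m "u:${testuser1_acl1}:---" "${testFile_acl01}" "${testDir_acl01}"
    CommRetParse_LTFLIB "setfacl -m u:${testuser1_acl1}:--- ${testFile_acl01} ${testDir_acl01}"

    # The new entry must be visible on both objects.
    getfacl -p "${testFile_acl01}" | grep "user:${testuser1_acl1}:---"
    CommRetParse_LTFLIB "getfacl -p ${testFile_acl01} | grep \"user:${testuser1_acl1}:---\""

    getfacl -p "${testDir_acl01}" | grep "user:${testuser1_acl1}:---"
    CommRetParse_LTFLIB "getfacl -p ${testDir_acl01} | grep \"user:${testuser1_acl1}:---\""

    # Negative check: run through the SshAuto helper (presumably as the
    # default user configured during init), the ACL change is expected to be
    # refused ("False").
    # NOTE(review): any failure satisfies this check -- an SSH error, a
    # missing setfacl binary, an unreachable parent directory, or a path
    # broken by whitespace (it is interpolated unquoted into the command
    # string). Consider also asserting afterwards that the file's "other"
    # entry is unchanged, so the result reflects the permission decision.
    SshAuto_CmdDef_LTFLIB "setfacl -m o::w ${testFile_acl01}" "no" "no"
    TestRetParse_LTFLIB "setfacl -m o::w ${testFile_acl01}" "False" "yes"

    # Owner can still change the mode; the listing must show rwxr-xr-x.
    chmod 755 -- "${testFile_acl01}"
    CommRetParse_LTFLIB "chmod 755 ${testFile_acl01}"

    ls -al -- "${testFile_acl01}" | grep "rwxr-xr-x"
    CommRetParse_LTFLIB "ls -al ${testFile_acl01} | grep \"rwxr-xr-x\""
}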

## TODO : 运行测试集
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
Testsuite_LTFLIB() {
    # Run the test cases of this file in their fixed order. The status of the
    # individual cases is not inspected here; the function always returns
    # $TPASS.
    local case_fn

    for case_fn in testcase_1 testcase_2; do
        "${case_fn}"
    done

    return ${TPASS}
}

#----------------------------------------------#

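# Load the LTF library and hand control to its entry point.
# LIB_LTFLIB is not set in this file, so it has to come from the environment.
# NOTE(review): whatever file that variable names is executed with the
# privileges of this test run -- the harness should be the only thing able to
# set it.
source "${LIB_LTFLIB}"
# "$@" is quoted so arguments containing whitespace or glob characters reach
# Main_LTFLIB unchanged instead of being re-split and expanded.
Main_LTFLIB "$@"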
